CVE-2017-20146
Usage of the CORS handler may apply improper CORS headers, allowing the requester to explicitly control the value of the Access-Control-Allow-Origin header, which bypasses the...
CVE-2018-25046
Due to improper path santization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory. Read More
CVE-2013-10005
The RemoteAddr and LocalAddr methods on the returned net.Conn may call themselves, leading to an infinite loop which will crash the program due to a...
CVE-2014-125026
LZ4 bindings use a deprecated C API that is vulnerable to memory corruption, which could lead to arbitrary code execution if called with untrusted user...
CVE-2015-10004
Token validation methods are susceptible to a timing side-channel during HMAC comparison. With a large enough number of requests over a low latency connection, an...
CVE-2015-10005
A vulnerability was found in markdown-it up to 2.x. It has been classified as problematic. Affected is an unknown function of the file lib/common/html_re.js. The...
CVE-2018-25049
A vulnerability was found in email-existence. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The...
A Vulnerability in KSMBD for Linux Could Allow for Remote Code Execution
A vulnerability have been discovered in KSMBD for Linux that could allow for remote code execution. KSMBD is a Linux kernel daemon which implements the...
DSA-5306 gerbv – security update
Several vulnerabilities were discovered in gerbv, a Gerber file viewer, which could result in the execution of arbitrary code, denial of service or information disclosure...
CVE-2018-16135
The Opera Mini application 47.1.2249.129326 for Android allows remote attackers to spoof the Location Permission dialog via a crafted web site. Read More